Phishing is the fraudulent practice of sending emails or other messages claiming to be from trustworthy companies. These messages encourage individuals to disclose personal information, such as passwords and credit card numbers.
Many people don’t realize that cybercriminals can also deliver phishing attacks through text messages, which is known as smishing. These types of scams often mimic a government agency, bank, or delivery company to appear legitimate.
Some of the common indicators of a smishing scheme include messaging that creates a sense of urgency with phrases like:
n “Your account has been suspended.”
n “There is suspicious activity on your account.”
n “There is an error with your shipping address.”
n “There is a package waiting for you at the post office.”
USPS® does not send unsolicited text messages. If you receive a message from USPS about a package that you did not send, do not click on the message as it is likely a smishing scam.
Keep your information secure with these tips:
n Do not click. Do not open any link or attachment from a sender you cannot verify.
n Report the message to your service provider. Copy the message and forward it to 7726 (SPAM). This will help your wireless provider identify and block similar messages in the future.
Additionally, USPS offers a free service called Informed Delivery®, which is available to anyone with a residential address or PO Box™ in an eligible ZIP Code™. With Informed Delivery, users can get preview images of incoming mail, as well as status updates for incoming and outbound packages. Find out if you are eligible for this service at usps.com/manage/informed-delivery.htm.
For more information about smishing scams:
n Visit the CyberSafe at USPS® pages on Blue (blue.usps.gov/cyber) and LiteBlue (liteblue.usps.gov/cyber).
n Visit the Monthly Awareness Campaigns page at blue.usps.gov/cyber/communications.htm.
— Corporate Information Security Office,
Chief Information Security Officer, 3-9-23